lumma | 565d830df6d0adb01c1add8a2479df88066833766820f11a73cd391705b89ad6

General

Target

eulen-cheate-fivem-main.zip
Size

1.2MB
Sample

250102-26ey7ayrhz
MD5

e0dca3fd79669559317805d943dc23e9
SHA1

fca47ae972efe0c2a7a32510725872724556b100
SHA256

565d830df6d0adb01c1add8a2479df88066833766820f11a73cd391705b89ad6
SHA512

966b13e1d4221f4c232ba4a77793622d8588f132b4a58b023ce865377a54327d39cbf1672fda53d59325d30e4678c7784ab20f98a2a510fb331ca1e135aa1af7
SSDEEP

24576:bSEEZU+aAzBlSzEfTzH5QBkWJQmrfjNiVrGroGxgkIKgk:GEsaAzBSE7zHiFJf/NqrGMGxUdk

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://impend-differ.biz/api

https://print-vexer.biz/api

https://dare-curbys.biz/api

https://covery-mover.biz/api

https://formy-spill.biz/api

https://dwell-exclaim.biz/api

https://zinc-sneark.biz/api

https://se-blurry.biz/api

Targets

- Target
  
  eulen-cheate-fivem-main/Loader.exe
- Size
  
  686KB
- MD5
  
  b6ffc5ab3d9c3d132b0cdb490ed800d2
- SHA1
  
  69f55a57d6353649c3f709163bb7d440a3a7eb7f
- SHA256
  
  138671f56898c4504a02588c6f9c4de6a3961ce015bb147d579bd54bc454ded1
- SHA512
  
  4163a1537f80ef49a9ec9dd17b7bfb442be57afb24519d753ee2e2ba99c443e555b69570218aa1ee3a0e7b6419eb2432089d69f8c9f5771ada0115f2965f0f5d
- SSDEEP
  
  12288:rlGQs6nEzMMU1wYwFozDOVhRGHdhdBBmCU0SmegE0wgoNkTzD5NryZI5L36lo+Qv:MEEIDU+acZBxST0bbzD5Nre
Score

10^/10

lumma discovery stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Lumma family
  lumma
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1
- Target
  
  eulen-cheate-fivem-main/license.dll
- Size
  
  1.2MB
- MD5
  
  36dea25d49b9dff21acebface8ea2044
- SHA1
  
  5bd97162bc98e36c124811c360dbf29c6233405e
- SHA256
  
  d960a2eac5e7f1aa04e9f8d0da4eb9bb0b097ca58d0ce83ea1bb8351baf26301
- SHA512
  
  64f06db24297e30d7ec91d3cf9ccc33f28eb9041e463933866b09de0d138d964505aa38f32158be5e5491e4aa68d8ae77bccce9c068e5980d2281a24294bccf8
- SSDEEP
  
  24576:1iE0l9oS0Cl/9qZPcYJZEiDO3ytIPMunHuGKFufrrH1:YE0l1ZlVsPc06i63aIPZnBX
Score

1^/10
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer, LummaC

Lumma family

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2